NIST INFORMATION TECHNOLOGY LABORATORY CLOUD COMPUTING PROGRAM

The Road to Cloud Standards via a Reference Architecture

Robert Bohn
NIST Information Technology Laboratory

MAGIC Meeting
NCO/NITRD
June 1, 2011


Background

• Technological Maturity

• Economic

• Standards Driven

– Data Portability

– Service Interoperability

– Security

– Cloud to Cloud interaction

• USG needs a starting point – A Reference


Objective

Develop a vendor neutral reference architecture consistent with the NIST Cloud Computing definition

Determine the “What” of Cloud Computing, not the “How”

• 3 Service Models - SaaS, PaaS, IaaS

• 4 Deployment models - Public, Private, Community, Hybrid

• 5 Essential Characteristics - On demand self-service, Broad network access, Resource Pooling, Rapid Elasticity, Measured Service


NIST Cloud Computing Reference Architecture Actors and their Roles

Cloud Carrier

The intermediary that provides connectivity and transport of cloud services from Cloud Providers to Cloud Consumers.

Cloud Provider

Person, organization or entity responsible for making a service available to Cloud Consumers.

Cloud Auditor

A party that can conduct independent assessment of cloud services, information system operations, performance and security of the cloud implementation.

Cloud Consumer

Person or organization that maintains a business relationship with, and uses service from Cloud Providers.

Cloud Broker

An entity that manages the use, performance and delivery of cloud services, and negotiates relationships between Cloud Providers and Cloud Consumers.


The NIST Cloud Computing Reference Architecture

[Figure: reference architecture diagram. Cloud Consumer; Cloud Auditor (Security Audit, Privacy Impact Audit, Performance Audit); Cloud Provider (Service Layer: SaaS, PaaS, IaaS; Resource Abstraction and Control Layer; Physical Resource Layer: Hardware, Facility; Cloud Service Management: Business Support, Provisioning/Configuration, Portability/Interoperability; Security; Privacy); Cloud Broker (Service Intermediation, Service Aggregation, Service Arbitrage); Cloud Carrier.]


Taxonomies

Taxonomy: The science of categorization, or classification, of things based on a predetermined system. (Webopedia)

Main Attributes:

• Typically a controlled vocabulary with a hierarchical tree-like structure

• Terms in a taxonomy have relationships with other terms

• Usually in the form of a parent (broader) / child (narrower)

Benefits:

• Encompasses and labels all significant concepts within a given domain

• Allows users to understand the context of each label


RA Taxonomy


Example Terms and Definitions

Level 1:

• Cloud Service Provider – Person, organization or higher-level system responsible for making a service available to service consumers.

Level 2:

• Cloud Service Management – Cloud Service Management includes all the service-related functions that are necessary for the management and operations of those services required by or proposed to customers.

Level 3:

• Public Cloud - The cloud infrastructure is made available to the general public or a large industry group and is owned by an organization selling cloud services. [NIST Definition of Cloud Computing]

Level 4:

• Data Portability – The ability to transfer data from one system to another without being required to recreate or reenter data descriptions or to modify significantly the application being transported. [Federal Standard 1037C]


Next Steps

• Version 2.0 of NIST Cloud Computing Reference Architecture

– Includes a more detailed description of security and privacy.

– Maps USG Target BUC to RA

– Deep Dive into NIST Service Models

– Cloud Data Issues

• Version 2.0 of NIST Cloud Computing Taxonomy which includes

– Security & Privacy

– Updated SaaS taxonomy to reflect USG Business Use Cases.

– Newly identified additional taxonomies to support USG Business Use Case


Acknowledgements

Dr. Fang Liu, Jin Tong, Dr. Jian Mao: Knowcean Consulting Inc.

Dr. Robert Bohn, John Messina: NIST ITL

Dawn Leaf, NIST Senior Executive for Cloud Computing

With broad contributions from members of the NIST Reference Architecture and Taxonomy Working Group and the Reference Architecture Analysis Team:

Randy Baklini, Gregg Brown, Frederic De Vaulx, Michele Drgon, Anne Frantzen, Babak Jahromi, Dean Kemp, Cary Landis, Eugene Luster, Bob Marcus, Gary Mazzaferro, Hung Nguyen, Marlin Pohlman, Alan Sill, Ken Stavinoha, Pat Stingley, Tom Young and Jay Levine


Questions?

NIST Cloud Computing Collaboration Site

http://collaborate.nist.gov/twiki-cloud-computing/

NIST Cloud Computing Home Page

http://www.nist.gov/itl/cloud


Contact: Dawn Leaf, Lee Badger, Robert Bohn